New critical Citrix NetScaler hole of similar severity to CitrixBleed2, says expert
CSO Online 25.03.2026 23:55
A new critical vulnerability that is similar to the widely-exploited CitrixBleed and CitrixBleed2 holes should be patched in NetScaler devices immediately, say experts.
The hole, CVE-2026-3055, is an out-of-bounds read vulnerability in customer-managed NetScaler ADC and NetScaler Gateway devices configured as SAML IDP for approving identity and authentication. It’s rated at 9.3 in severity on the CVSS scale,
Chained vulnerabilities in Cisco Catalyst switches could induce denial-of-service
CSO Online 25.03.2026 18:28
Cisco’s widely deployed Catalyst 9300 Series enterprise switches have four security vulnerabilities, two of which could be chained to cause a denial-of-service outage, infrastructure security company Opswat has revealed.
The two most operationally significant are CVE-2026-20114 and CVE-2026-20110, which the researchers found could be chained to make possible a dangerous privilege escalation. Opswat’s Unit 515 Critical Infrastructure Protection (CIP) Lab discovered them and reported them to Cisco last July.
MariaDB database management system can crash or let malicious code onto systems
Heise Security 25.03.2026 12:43
The MariaDB developers have closed a security vulnerability. A patch is available.
Version 1.0: Microsoft SharePoint - Attackers are actively exploiting a critical vulnerability
BSI Cybersicherheitswarnungen des CERT-Bund 25.03.2026 11:10
Sen. Wyden Warns of Another Section 702 Abuse
Schneier on Security 25.03.2026 11:02
Sen. Ron Wyden is warning us of an abuse of Section 702:
Wyden took to the Senate floor to deliver a lengthy speech, ostensibly about the since approved (with support of many Democrats) nomination of Joshua Rudd to lead the NSA. Wyden was protesting that nomination, but in the context of Rudd being unwilling to agree to basic constitutional limitations on NSA surveillance. But that’s just a jumping off point ahead of Section 702’s upcoming reauthorization deadline. Buried in the speech is a passage that should set off every alarm bell:
There’s another example of secret law related to Section 702, one that directly affects the privacy rights of Americans. For years, I have asked various administrations to declassify this matter. Thus far they have all refused, although I am still waiting for a response from DNI Gabbard. I strongly believe that this matter can and should be declassified and that Congress needs to debate it openly before Section 702 is reauthorized. In fact, …
FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
The Hacker News 25.03.2026 07:11
The U.S. Federal Communications Commission (FCC) said on Monday that it was banning the import of new, foreign-made consumer routers, citing "unacceptable" risks to cyber and national security.
The action was designed to safeguard Americans and the underlying communications networks the country relies on, FCC Chairman Brendan Carr said in a post on X. The development means that new models of